ACCESS BLOCK

  • Resolved laura_lapulceweb

    (@laura_lapulceweb)


    3 years, 9 months ago

    Good morning,
    when the Max Lockouts (8) are exceeded, access is blocked to any administrator user, is this normal?
    In order to re-access the backend of the site I have to deactivate the plugin from FTP and then re-activate it and remove the “Failed login attempts log”.
    I would like to know if there is a way to not block all admin users when there is an attack.
    In this screenshot of System information https://snipboard.io/HBhOgQ.jpg, you can see the “Server’s IP Address” and “Your IP Address”, What does Your IP Address indicate? Because it is not the IP of my PC…
    When the block occurs as you see in this screenshot https://snipboard.io/L3Gm2P.jpg, the IP indicated is the same as “Your IP Address” so I have never put it on the blacklist for fear that it would block all access, can you clarify how it works?
    Thanks

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Contributor loginizer

    (@loginizer)

    Hi,

    Sorry to hear about the issue you faced.

    No the admins are not blocked when there is an attack. Only the IP from where the attack is received is blocked.

    In you case it seems the attacker IP and your IP was the same.

    “Your IP Address” displayed in Loginizer is the public IP through which you are accessing the internet i.e. your ISP.

    It seems this might not be a real attack but rather someone from your office or team (using the same ISP/IP) exhausted the login attempts.

    If you are locked out you can use Softaculous (if it is available on your server) to login using their Sign On feature.

    Do let us know if you have any questions.

    Thread Starter laura_lapulceweb

    (@laura_lapulceweb)

    Good morning,
    thank you, but if I check my IP it is this https://snipboard.io/Dw4OCN.jpg, not the one indicated in the plugin and the other members of my team access from other IPs.
    There is something wrong with the IP detection because any blocked user always has the same IP 172.16.3.181, I also checked this morning and a customer probably got the wrong login details and is always associated to the IP 172.16.3.181. What could it be?

    Plugin Contributor loginizer

    (@loginizer)

    Hi,

    Is it possible to get login access to your site so we can check this issue ?

    You can submit the login details securely via support ticket here :
    https://softaculous.deskuss.com/open.php?topicId=16

    Thread Starter laura_lapulceweb

    (@laura_lapulceweb)

    Hi, I’ve sent the data in a ticket but haven’t received a reply.

    Plugin Contributor loginizer

    (@loginizer)

    Hi,

    Sorry for the delay in response.

    It seems there is a proxy running on your server causing the issue.

    I logged in to the WordPress admin panel -> Loginizer Security -> Dashboard and selected the value for, Your IP Address “Method” as “HTTP_X_FORWARDED_FOR” and the IP detection works fine now.

    Do let us know if you still face the issue.

    Thread Starter laura_lapulceweb

    (@laura_lapulceweb)

    Thank you very much

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘ACCESS BLOCK’ is closed to new replies.